If you are located within the EU, please note that European Distribution Center Motiva BVBA, having its registered address at Sint-Jansveld 11 bus A, 2160 Wommelgem, Belgium, VAT BE 0881.512.541 RPM/RPR Antwerp (individually “EDC“), is carrying out the above processing as joint controller (jointly determining the purposes and means of processing of your personal data) with ESTA and is acting as ESTA’s representative in the EU.
ESTA, together with EDC as the case may arise, is/are hereinafter referred to as “Establishment Labs“, “we“, “us” or “our“.
All personal data is stored in a secure data base.
Establishment Labs may change this policy from time to time by updating this page and notifying you by e-mail (where appropriate or required by law and to the extent that Establishment Labs has your e-mail address). You should check this page from time to time to ensure that you agree with any changes implemented. This policy is effective from August 21st, 2018 (latest revision).
Which personal data we collect
Information you provide
We may collect the following personal data about you that you may provide when accessing or using this website:
- Identification and contact details: name, address, e-mail address, and telephone number
- Data relating to your health: the fact that you are equipped with an implant, procedure dates
- Data relating to your implant(s): it’s (their) serial number
- Data about the warranty program you are subscribed to date of purchase, type, start date, expiration date
- Name of your attending surgeon
You may decide not to provide the information requested in the forms or anywhere in this website, but if you refuse, we may not be able to provide you the requested services relating to the creation of your account, the registration of your implants, and your participation in any benefits, as well as to comply with our legal obligations, and your data will not be used in the manner described in this document.
Automatic Information Collection
For which purposes and on basis of which legal bases we collect personal data
We will use your personal data and information in accordance and conformity with the terms described in the General Data Protection Regulation (EU) 2016/679 of 27 April 2016 and other applicable international and local regulations.
We require the personal data identified in the section “Which personal data we collect” above to provide you with the services you require, comply with our legal obligations, and understand your needs and provide you with better service, and, in particular, for the following reasons:
|Purposes of processing||Legal bases for the processing of “standard” or non-special categories of data||Legal bases for the processing of special categories of data (health related data)|
|Registration of your implant(s) via your account, including internal record keeping, provision of related customer services, and responding to your requests||– Legitimate interests pursued by Establishment Labs or by a third party in carrying out and organizing our business activities
– Performance of the contract entered into between you and Establishment Labs relating to the registration of your implants
|– Your explicit and free consent|
|Compliance with mandatory Materiovigilance or other applicable legal requirements, including to contact you if there are any important health information that we are legally required to provide you||– Compliance with a legal obligation to which we are subject
– Protection of your vital interests
|– For reasons of public interest in the area of public health, such as ensuring high standards of quality and safety of medical devices, on the basis of EU or Member State law, which provides for suitable and specific measures to safeguard your rights and freedoms of the data subject – in particular, professional secrecy|
|Participation in the warranty or insurance programs to which you would subscribe||Performance of the contract entered into between you and Establishment Labs relating to your subscription to determined warranty or insurance programs||– Your explicit and free consent|
|To improve our products and services||– Legitimate interests pursued by Establishment Labs or by a third party in carrying out our business activities||– Your explicit and free consent|
|To send you emails about new products, special offers, or other information which we think you may find interesting using the email address which you have provided
This is not applicable for Belgium
|– Your consent to the processing of your data / Legitimate interests pursued by Establishment Labs to inform our existing customers about similar products or services we provided||– Your explicit and free consent|
|To contact you by email, phone, fax, or mail for market research or medical research purposes||– Your consent to the processing of your data||– Your explicit and free consent|
|To customize (this application / this website) according to your interests||– Legitimate interests pursued by Establishment Labs or by a third party in offering tailored experience to the users of (this application / this website)||– Your explicit and free consent|
How we may share personal data
For the purposes and based on the legal bases described under the section “For which purposes and on basis of which legal bases we collect personal data” above, Establishment Labs may need to disclose and transfer personal data as detailed in this section.
When required to achieve the above purposes, Establishment Labs may share personal data:
- with your prior (explicit) consent or as you may direct;
- between ESTA and EDC, acting as joint controllers (if applicable);
- with affiliated companies of Establishment Labs, primarily for business and operational purposes (a list of Establishment Labs’ affiliated companies is available at https://establishmentlabs.com/);
- with our insurance providers, who shall protect your information with the same care and only use your personal data as processors on our behalf and in accordance with our instructions;
- with our service providers [that provide web-related, data storage, advertising, or analytics services to us so that we can administer web servers and store information on a secure database or on back-up disks], who shall protect your information and only use your personal data as processors on our behalf and in accordance with our instructions;
- when required by law or by the courts or other law enforcement authorities or judiciary authorities of the countries where we have operations.
The above recipients may be located in Costa Rica, Belgium, USA, Brazil, UK, Sweden, Denmark, or Norway, which include countries outside the EEA that are not recognized as providing an adequate level of protection. In any case, we will only transfer personal data to recipients that provide an adequate level of data protection or as permitted by data protection laws by implementing appropriate safeguards, including relevant data transfer agreements based on the EU Commission Standard Contractual Clauses for the transfer of data to third countries (Article 46, 2., (c) of the GDPR as of 25 May 2018. A copy of these appropriate safeguards may be obtained from firstname.lastname@example.org (see further contact details in the Section “How to contact us” below).
Only a limited number of individuals within Establishment Labs will be granted access to personal data about you on a need-to-know basis.
Personal data about other individuals
We are committed to ensuring that your personal data is secure. In order to prevent accidental or unlawful destruction or accidental loss, misuse, unauthorized access, disclosure, alteration, or destruction, and against any other unlawful form of processing of personal data as defined by applicable data protection laws, we have put in place – and required that any third-party services providers and/or processors processing personal data on our behalf and under our instructions put in place – appropriate technical and organizational measures to safeguard and secure the personal data we collect and process online or otherwise in the context of your use of this website. Both EDC and ESTA (if you are located in the EU) are responsible for implementing and maintaining such security measures to protect personal data stored on their respective servers, platforms, and systems.
However, please note that no electronic transmission or storage of information is 100% secure. Therefore, despite the security measures that we have put in place to protect personal data about you, we cannot guarantee that loss, misuse, or alteration of data will never occur.
Links to other websites
This website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and refer to the privacy statement applicable to the website in question.
How long we may keep personal data
Your personal data will not be kept for longer than necessary for the purposes identified herein, or as required to comply with our obligations under applicable law or for the establishment, exercise, or defense of legal claims, which can, in principle, be up to 10 years after the end of your contractual relationship with Establishment Labs (if any), unless shorter or longer retention periods apply under applicable law.
What are your rights?
Right of access: you have the right to obtain confirmation as to whether or not your personal data is processed, and, if so, to request access to such personal data as well as other information about such processing that are also contained in this policy.
Right to rectification: you have the right to have inaccurate personal data about yourself rectified or completed if it is incomplete.
Right to erasure (‘right to be forgotten’): you have the right to request that we erase your personal data.
Right to restriction of processing: you have the right to request from us that we limit the way we use your personal data.
Right to data portability: you have the right to receive the personal data you provided, in a structured, commonly used, and machine-readable form and to transmit that data to another controller or to have it transmitted directly from us to another controller.
Right to object: you have the right to object, on grounds relating to your particular situation, at any time, to the processing of your personal data and we may have to stop processing your data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims. You have the right to object, at any time, to the processing of your personal for direct marketing purposes.
How to contact us
What are cookies?
Cookies are files or pieces of information that may be stored on your computer (or other internet–enabled devices, such as a smartphone or tablet) when you visit this website. A cookie will usually contain the name of the website from which the cookie has come from, the “lifetime” of the cookie (i.e. how long the cookie will remain on your device), and a value, which is usually a randomly generated unique number.
Two types of cookies may be used: “session cookies” and “persistent cookies”. Session cookies are automatically deleted at the end of your browsing session. Persistent cookies remain longer on your device, for the duration of each specific cookie, and will remain valid until its set expiry date (unless deleted by the user before the expiry date).
Cookies can be used by web servers to identify and track users as they navigate different pages on a website and identify users returning to a website. Cookies do not contain any information that personally identifies you, [but personal information that we store about you may be linked to the information stored in and obtained from cookies].
Many cookies on this website perform essential functions or services you have requested or are used for security purposes, as further described in the section below.
What types of cookies does this website use?
The table below summarises the different types of cookies we use on this website, together with their respective purposes and duration.
- Functional Cookies
- Functional Cookies
|Cookie Name||Purpose of the cookie||Duration of the cookie|
|Cookie banner||This cookie is used to control the appearance of the cookie’s information/consent banner.||Persistent|
|Preference cookie||This cookie is used to remember a user’s choice about cookies on the website.||Persistent|
|Language cookie||This cookie is used to remember user’s language choice on the website.||Persistent|
|Country cookie||This cookie is used to remember a user’s choice of country/ location (to keep it for next visit, for example).||Persistent|
|Authentication cookie||These cookies are used to identify unique visitors to the website. These cookies allow us to remember users so that we can provide users with access to pages personal to them, for example, personal account pages. These cookies help maintain your visit secure.||Session|
- Analytics Cookies
|Cookie Name||Purpose of the cookie||Duration of the cookie|
Cookies with names beginning _ut
Common Google Analytics cookies are, _utma, _utmb, _utmc, and _utm
|Google Analytics is a web analytics service provided by Google, Inc. (“Google”). These cookies are used to collect information about how visitors use the website. We use the information to compile reports and to help improve the website. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the website from and the pages visited.
More information can be found at http://www.google.com/analytics/learn/privacy.html
- Third Party Cookies
|Cookie Name||Purpose of the cookie||Duration of the cookie|
|Google Adsense||We publish Google Adsense interest-based advertisements on this website. These are tailored by Google to reflect your interests. To determine your interests, Google will track your behaviour across the web using cookies. You can view, delete or add interest categories associated with your browser using Google’s Ads Preference Manager, available at: http://www.google.com/ads/preferences/
|Atlas Ad Serving
|This cookie is used to collect information about the marketing activity and the sales driven from this activity. We use the information to compile reports and to help to improve this website and marketing activity. The cookies collect information in an anonymous form, including the number of clicks to the site from marketing activity, where the clicks have come from and the number of sales.
Used to personalize web pages to the preferences of each user, gather demographic information about how many users visit the page and for how long they spend viewing it, monitor which banners are displayed to the user and for how long.
More information can be found at: http://atlassolutions.com/privacy-policy
When you visit this website, you may receive cookies from third–party websites or domains. We do not control the placing of these cookies and you should check the relevant third party’s website for more information about these cookies. The relevant third party is responsible for providing you with information regarding the cookies they place and obtaining your consent before placing cookies on your device.
- Internet Explorer: http://windows.microsoft.com/en-US/windows-vista/How-to-manage-cookies-in-Internet-Explorer-9
- Chrome: http://support.google.com/chrome/bin/answer.py?hl=en-GB&hlrm=nl&answer=95647
- Firefox: http://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences?s=cookies&r=5&as=s
- Safari: http://support.apple.com/kb/PH5042
If you disable the cookies that this website uses, this may impact your experience while on this website – for example, you may not be able to visit certain areas of this website or you may not receive personalized information when you visit this website.
You can also delete cookies already stored on your computer.
Again, doing this may have a negative impact on the usability of many websites.